| 1 | .\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.20) |
1 | .\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.30) |
| 2 | .\" |
2 | .\" |
| 3 | .\" Standard preamble: |
3 | .\" Standard preamble: |
| 4 | .\" ======================================================================== |
4 | .\" ======================================================================== |
| 5 | .de Sp \" Vertical space (when we can't use .PP) |
5 | .de Sp \" Vertical space (when we can't use .PP) |
| 6 | .if t .sp .5v |
6 | .if t .sp .5v |
| … | |
… | |
| 36 | .el\{\ |
36 | .el\{\ |
| 37 | . ds -- \|\(em\| |
37 | . ds -- \|\(em\| |
| 38 | . ds PI \(*p |
38 | . ds PI \(*p |
| 39 | . ds L" `` |
39 | . ds L" `` |
| 40 | . ds R" '' |
40 | . ds R" '' |
|
|
41 | . ds C` |
|
|
42 | . ds C' |
| 41 | 'br\} |
43 | 'br\} |
| 42 | .\" |
44 | .\" |
| 43 | .\" Escape single quotes in literal strings from groff's Unicode transform. |
45 | .\" Escape single quotes in literal strings from groff's Unicode transform. |
| 44 | .ie \n(.g .ds Aq \(aq |
46 | .ie \n(.g .ds Aq \(aq |
| 45 | .el .ds Aq ' |
47 | .el .ds Aq ' |
| 46 | .\" |
48 | .\" |
| 47 | .\" If the F register is turned on, we'll generate index entries on stderr for |
49 | .\" If the F register is turned on, we'll generate index entries on stderr for |
| 48 | .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index |
50 | .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index |
| 49 | .\" entries marked with X<> in POD. Of course, you'll have to process the |
51 | .\" entries marked with X<> in POD. Of course, you'll have to process the |
| 50 | .\" output yourself in some meaningful fashion. |
52 | .\" output yourself in some meaningful fashion. |
| 51 | .ie \nF \{\ |
53 | .\" |
|
|
54 | .\" Avoid warning from groff about undefined register 'F'. |
| 52 | . de IX |
55 | .de IX |
| 53 | . tm Index:\\$1\t\\n%\t"\\$2" |
|
|
| 54 | .. |
56 | .. |
| 55 | . nr % 0 |
57 | .nr rF 0 |
| 56 | . rr F |
58 | .if \n(.g .if rF .nr rF 1 |
|
|
59 | .if (\n(rF:(\n(.g==0)) \{ |
|
|
60 | . if \nF \{ |
|
|
61 | . de IX |
|
|
62 | . tm Index:\\$1\t\\n%\t"\\$2" |
|
|
63 | .. |
|
|
64 | . if !\nF==2 \{ |
|
|
65 | . nr % 0 |
|
|
66 | . nr F 2 |
|
|
67 | . \} |
|
|
68 | . \} |
| 57 | .\} |
69 | .\} |
| 58 | .el \{\ |
70 | .rr rF |
| 59 | . de IX |
|
|
| 60 | .. |
|
|
| 61 | .\} |
|
|
| 62 | .\" |
71 | .\" |
| 63 | .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). |
72 | .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). |
| 64 | .\" Fear. Run. Save yourself. No user-serviceable parts. |
73 | .\" Fear. Run. Save yourself. No user-serviceable parts. |
| 65 | . \" fudge factors for nroff and troff |
74 | . \" fudge factors for nroff and troff |
| 66 | .if n \{\ |
75 | .if n \{\ |
| … | |
… | |
| 122 | .\} |
131 | .\} |
| 123 | .rm #[ #] #H #V #F C |
132 | .rm #[ #] #H #V #F C |
| 124 | .\" ======================================================================== |
133 | .\" ======================================================================== |
| 125 | .\" |
134 | .\" |
| 126 | .IX Title "GVPE.CONF 5" |
135 | .IX Title "GVPE.CONF 5" |
| 127 | .TH GVPE.CONF 5 "2013-10-11" "2.25" "GNU Virtual Private Ethernet" |
136 | .TH GVPE.CONF 5 "2015-06-25" "2.25" "GNU Virtual Private Ethernet" |
| 128 | .\" For nroff, turn off justification. Always turn off hyphenation; it makes |
137 | .\" For nroff, turn off justification. Always turn off hyphenation; it makes |
| 129 | .\" way too many mistakes in technical documents. |
138 | .\" way too many mistakes in technical documents. |
| 130 | .if n .ad l |
139 | .if n .ad l |
| 131 | .nh |
140 | .nh |
| 132 | .SH "NAME" |
141 | .SH "NAME" |
| … | |
… | |
| 238 | .PP |
247 | .PP |
| 239 | Node-specific settings can be used at any time. If used before the first |
248 | Node-specific settings can be used at any time. If used before the first |
| 240 | node section they will set the default values for all following nodes. |
249 | node section they will set the default values for all following nodes. |
| 241 | .SH "CONFIG VARIABLES" |
250 | .SH "CONFIG VARIABLES" |
| 242 | .IX Header "CONFIG VARIABLES" |
251 | .IX Header "CONFIG VARIABLES" |
| 243 | .SS "\s-1GLOBAL\s0 \s-1SETTINGS\s0" |
252 | .SS "\s-1GLOBAL SETTINGS\s0" |
| 244 | .IX Subsection "GLOBAL SETTINGS" |
253 | .IX Subsection "GLOBAL SETTINGS" |
| 245 | Global settings will affect the behaviour of the running gvpe daemon, that |
254 | Global settings will affect the behaviour of the running gvpe daemon, that |
| 246 | is, they are in some sense node-specific (config files can set different |
255 | is, they are in some sense node-specific (config files can set different |
| 247 | values on different nodes using \f(CW\*(C`on\*(C'\fR), but will affect the behaviour of |
256 | values on different nodes using \f(CW\*(C`on\*(C'\fR), but will affect the behaviour of |
| 248 | the gvpe daemon and all connections it creates. |
257 | the gvpe daemon and all connections it creates. |
| … | |
… | |
| 385 | .IP "NODENAME=branch1" 4 |
394 | .IP "NODENAME=branch1" 4 |
| 386 | .IX Item "NODENAME=branch1" |
395 | .IX Item "NODENAME=branch1" |
| 387 | The nickname of the node. |
396 | The nickname of the node. |
| 388 | .IP "NODEID=1" 4 |
397 | .IP "NODEID=1" 4 |
| 389 | .IX Item "NODEID=1" |
398 | .IX Item "NODEID=1" |
| 390 | The numerical node \s-1ID\s0 of the node running this instance of \s-1GVPE\s0. The first |
399 | The numerical node \s-1ID\s0 of the node running this instance of \s-1GVPE.\s0 The first |
| 391 | node mentioned in the config file gets \s-1ID\s0 1, the second \s-1ID\s0 2 and so on. |
400 | node mentioned in the config file gets \s-1ID 1,\s0 the second \s-1ID 2\s0 and so on. |
| 392 | .RE |
401 | .RE |
| 393 | .RS 4 |
402 | .RS 4 |
| 394 | .Sp |
403 | .Sp |
| 395 | In addition, all node-specific variables (except \f(CW\*(C`NODEID\*(C'\fR) will be |
404 | In addition, all node-specific variables (except \f(CW\*(C`NODEID\*(C'\fR) will be |
| 396 | available with a postfix of \f(CW\*(C`_nodeid\*(C'\fR, which contains the value for that |
405 | available with a postfix of \f(CW\*(C`_nodeid\*(C'\fR, which contains the value for that |
| … | |
… | |
| 430 | instance using the same protocol, nor can you share the protocol with |
439 | instance using the same protocol, nor can you share the protocol with |
| 431 | other programs. |
440 | other programs. |
| 432 | .Sp |
441 | .Sp |
| 433 | The default is 47 (\s-1GRE\s0), which has a good chance of tunneling |
442 | The default is 47 (\s-1GRE\s0), which has a good chance of tunneling |
| 434 | through firewalls (but note that gvpe's rawip protocol is not \s-1GRE\s0 |
443 | through firewalls (but note that gvpe's rawip protocol is not \s-1GRE\s0 |
| 435 | compatible). Other common choices are 50 (\s-1IPSEC\s0, \s-1ESP\s0), 51 (\s-1IPSEC\s0, \s-1AH\s0), 4 |
444 | compatible). Other common choices are 50 (\s-1IPSEC, ESP\s0), 51 (\s-1IPSEC, AH\s0), 4 |
| 436 | (\s-1IPIP\s0 tunnels) or 98 (\s-1ENCAP\s0, rfc1241). |
445 | (\s-1IPIP\s0 tunnels) or 98 (\s-1ENCAP,\s0 rfc1241). |
| 437 | .Sp |
446 | .Sp |
| 438 | Many versions of Linux seem to have a bug that causes them to reorder |
447 | Many versions of Linux seem to have a bug that causes them to reorder |
| 439 | packets for some ip protocols (\s-1GRE\s0, \s-1ESP\s0) but not for others (\s-1AH\s0), so |
448 | packets for some ip protocols (\s-1GRE, ESP\s0) but not for others (\s-1AH\s0), so |
| 440 | choose wisely (that is, use 51, \s-1AH\s0). |
449 | choose wisely (that is, use 51, \s-1AH\s0). |
| 441 | .IP "http-proxy-host = hostname/ip" 4 |
450 | .IP "http-proxy-host = hostname/ip" 4 |
| 442 | .IX Item "http-proxy-host = hostname/ip" |
451 | .IX Item "http-proxy-host = hostname/ip" |
| 443 | The \f(CW\*(C`http\-proxy\-*\*(C'\fR family of options are only available if gvpe was |
452 | The \f(CW\*(C`http\-proxy\-*\*(C'\fR family of options are only available if gvpe was |
| 444 | compiled with the \f(CW\*(C`\-\-enable\-http\-proxy\*(C'\fR option and enable tunneling of |
453 | compiled with the \f(CW\*(C`\-\-enable\-http\-proxy\*(C'\fR option and enable tunneling of |
| … | |
… | |
| 605 | length. Only when the serial matches on both sides of a conenction will |
614 | length. Only when the serial matches on both sides of a conenction will |
| 606 | the connection succeed. This is \fInot\fR a security mechanism and eay to |
615 | the connection succeed. This is \fInot\fR a security mechanism and eay to |
| 607 | spoof, this mechanism exists to alert users that their config is outdated. |
616 | spoof, this mechanism exists to alert users that their config is outdated. |
| 608 | .Sp |
617 | .Sp |
| 609 | It's recommended to specify this is a date string such as \f(CW\*(C`2013\-05\-05\*(C'\fR or |
618 | It's recommended to specify this is a date string such as \f(CW\*(C`2013\-05\-05\*(C'\fR or |
| 610 | \&\f(CW\*(C`20121205084417).\*(C'\fR |
619 | \&\f(CW20121205084417\fR. |
| 611 | .Sp |
620 | .Sp |
| 612 | The exact algorithm is as this: if a connection request is received form a |
621 | The exact algorithm is as this: if a connection request is received form a |
| 613 | node with an identical serial, then it succeeds normally. |
622 | node with an identical serial, then it succeeds normally. |
| 614 | .Sp |
623 | .Sp |
| 615 | If the remote serial is lower than the local serial, it is ignored. |
624 | If the remote serial is lower than the local serial, it is ignored. |
| 616 | .Sp |
625 | .Sp |
| 617 | If the remote serial is higher than the local serial, a warning message is |
626 | If the remote serial is higher than the local serial, a warning message is |
| 618 | logged. |
627 | logged. |
| 619 | .SS "\s-1NODE\s0 \s-1SPECIFIC\s0 \s-1SETTINGS\s0" |
628 | .SS "\s-1NODE SPECIFIC SETTINGS\s0" |
| 620 | .IX Subsection "NODE SPECIFIC SETTINGS" |
629 | .IX Subsection "NODE SPECIFIC SETTINGS" |
| 621 | The following settings are node-specific, that is, every node can have |
630 | The following settings are node-specific, that is, every node can have |
| 622 | different settings, even within the same gvpe instance. Settings that are |
631 | different settings, even within the same gvpe instance. Settings that are |
| 623 | set before the first node section set the defaults, settings that are |
632 | set before the first node section set the defaults, settings that are |
| 624 | set within a node section only apply to the given node. |
633 | set within a node section only apply to the given node. |
| … | |
… | |
| 710 | .Sp |
719 | .Sp |
| 711 | Enable the \s-1ICMP\s0 transport using \s-1ICMP\s0 packets of type \f(CW\*(C`icmp\-type\*(C'\fR on this |
720 | Enable the \s-1ICMP\s0 transport using \s-1ICMP\s0 packets of type \f(CW\*(C`icmp\-type\*(C'\fR on this |
| 712 | node. |
721 | node. |
| 713 | .IP "enable-rawip = yes|true|on | no|false|off" 4 |
722 | .IP "enable-rawip = yes|true|on | no|false|off" 4 |
| 714 | .IX Item "enable-rawip = yes|true|on | no|false|off" |
723 | .IX Item "enable-rawip = yes|true|on | no|false|off" |
| 715 | See \fIgvpe.protocol\fR\|(7) for a description of the \s-1RAW\s0 \s-1IP\s0 transport protocol. |
724 | See \fIgvpe.protocol\fR\|(7) for a description of the \s-1RAW IP\s0 transport protocol. |
| 716 | .Sp |
725 | .Sp |
| 717 | Enable the \s-1RAW\s0 IPv4 transport using the \f(CW\*(C`ip\-proto\*(C'\fR protocol |
726 | Enable the \s-1RAW\s0 IPv4 transport using the \f(CW\*(C`ip\-proto\*(C'\fR protocol |
| 718 | (default: \f(CW\*(C`no\*(C'\fR). |
727 | (default: \f(CW\*(C`no\*(C'\fR). |
| 719 | .IP "enable-tcp = yes|true|on | no|false|off" 4 |
728 | .IP "enable-tcp = yes|true|on | no|false|off" 4 |
| 720 | .IX Item "enable-tcp = yes|true|on | no|false|off" |
729 | .IX Item "enable-tcp = yes|true|on | no|false|off" |
| … | |
… | |
| 727 | .IX Item "enable-udp = yes|true|on | no|false|off" |
736 | .IX Item "enable-udp = yes|true|on | no|false|off" |
| 728 | See \fIgvpe.protocol\fR\|(7) for a description of the \s-1UDP\s0 transport protocol. |
737 | See \fIgvpe.protocol\fR\|(7) for a description of the \s-1UDP\s0 transport protocol. |
| 729 | .Sp |
738 | .Sp |
| 730 | Enable the UDPv4 transport using the \f(CW\*(C`udp\-port\*(C'\fR port (default: \f(CW\*(C`no\*(C'\fR). |
739 | Enable the UDPv4 transport using the \f(CW\*(C`udp\-port\*(C'\fR port (default: \f(CW\*(C`no\*(C'\fR). |
| 731 | .IP "hostname = hostname | ip [can not be defaulted]" 4 |
740 | .IP "hostname = hostname | ip [can not be defaulted]" 4 |
| 732 | .IX Item "hostname = hostname | ip [can not be defaulted]" |
741 | .IX Item "hostname = hostname | ip [can not be defaulted]" |
| 733 | Forces the address of this node to be set to the given \s-1DNS\s0 hostname or \s-1IP\s0 |
742 | Forces the address of this node to be set to the given \s-1DNS\s0 hostname or \s-1IP\s0 |
| 734 | address. It will be resolved before each connect request, so dyndns should |
743 | address. It will be resolved before each connect request, so dyndns should |
| 735 | work fine. If this setting is not specified and a router is available, |
744 | work fine. If this setting is not specified and a router is available, |
| 736 | then the router will be queried for the address of this node. Otherwise, |
745 | then the router will be queried for the address of this node. Otherwise, |
| 737 | the connection attempt will fail. |
746 | the connection attempt will fail. |
| … | |
… | |
| 841 | .IX Header "SEE ALSO" |
850 | .IX Header "SEE ALSO" |
| 842 | \&\fIgvpe\fR\|(5), \fIgvpe\fR\|(8), \fIgvpectrl\fR\|(8). |
851 | \&\fIgvpe\fR\|(5), \fIgvpe\fR\|(8), \fIgvpectrl\fR\|(8). |
| 843 | .SH "AUTHOR" |
852 | .SH "AUTHOR" |
| 844 | .IX Header "AUTHOR" |
853 | .IX Header "AUTHOR" |
| 845 | Marc Lehmann <gvpe@schmorp.de> |
854 | Marc Lehmann <gvpe@schmorp.de> |
| 846 | .SH "POD ERRORS" |
|
|
| 847 | .IX Header "POD ERRORS" |
|
|
| 848 | Hey! \fBThe above document had some coding errors, which are explained below:\fR |
|
|
| 849 | .IP "Around line 516:" 4 |
|
|
| 850 | .IX Item "Around line 516:" |
|
|
| 851 | Unterminated C<...> sequence |
|
|
